﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using UserLoginDemo.BLL;
using UserLoginDemo.Model;

namespace UserLoginDemo.web
{
    public partial class UserLogin : System.Web.UI.Page
    {
        public string UserName { get; set; }
        public string Msg { get; set; }

        protected void Page_Load(object sender, EventArgs e)
        {
            if (IsPostBack)
            {
                if (CheckValidateCode())
                {
                    CheckUserInfo();
                }
                else
                {
                    //验证码错误
                    Msg = "验证码错误!!!";
                }
            }
        }

        #region 判断用户名和密码是否正确
        /// <summary>
        /// 判断用户名和密码是否正确，在此先判断验证码可以防止HK攻击
        /// </summary>
        private void CheckUserInfo()
        {
            //获取用户名和密码
            string userName = Request.Form["txtName"];
            UserName = userName;
            string Password = Request.Form["txtPwd"];
            UserStudentService BLL = new UserStudentService();
            string msg = string.Empty;
            UserStuentLogin userStudent = null;
            //判断用户名和密码
            if (BLL.ValidateUserInfo(userName,Password,out msg,out userStudent))
            {
                Session["userStudent"] = userStudent;
                Response.Redirect("UserStudentList.aspx");
            }
            else
            {
                Msg = msg;
            }
        }
        #endregion



        #region 验证码
        /// <summary>
        /// 用于检查验证是否正确
        /// </summary>
        /// <returns></returns>
        private bool CheckValidateCode()
        {
            bool isSucess = false;
            if (Session["validateCode"] != null)
            {
                string txtCode = Request.Form["txtCode"];//获取输入的输入的验证码
                string SysCode = Session["validateCode"].ToString();
                if (SysCode.Equals(txtCode, StringComparison.InvariantCultureIgnoreCase))
                {
                    isSucess = true;
                    Session["validateCode"] = null;//清空Session里的验证码
                }
            }
            return isSucess;
        }
        #endregion
    }
}